Giters

FullstackAcademy / boilermaker

Code scaffold for projects

Home Page:https://www.youtube.com/watch?v=7bLSuTHH4Ag&list=PLx0iOsdUOUmn7D5XL4mRUftn8hvAJGs8H

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Unable to deploy Google OAuth on herokuapp.com

arjunv27 opened this issue · comments

commented

PROBLEM

Google OAuth requires authentication with an authorized domain list to run outside of localhost. herokuapp.com is not an authorized domain

Potential soltutions:

  • FSA runs internal OAuth server using docker and Ory Hydra
  • FSA grants ability to deploy on fullstackacademy.com
commented

I looked into this and it is a doozy.

First step was I needed to go to the google client edit page and add the full redirect uri:

I still ran into errors, it turns out the instructions in boilermaker for the redirect uri are to set:

heroku config:set GOOGLE_CALLBACK=/auth/google/callback

With this setting passport will helpfully construct a full url based on the incoming request url.

Which unfortunately in heroku the incoming url is an http:// url as somewhere inside their infrastructure they proxy the external https:// protocol to an unencrypted message.

So the heroku configuration MUST be set to the actual external url.

heroku config:set GOOGLE_CALLBACK=https://gentle-peak-69446.herokuapp.com/auth/google/callback

As far as I can tell this works (deployed at https://gentle-peak-69446.herokuapp.com/) and we should update our materials to cover this twisty maze.